Ubuntu 14.04 LTS / 16.04 LTS : Squid vulnerabilities (USN-3192-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3192-1 advisory. Saulius Lapinskas discovered that Squid incorrectly handled processing HTTP conditional requests. A remote attacker could possibly use this...

USN-3192-1: Squid vulnerabilities

Saulius Lapinskas discovered that Squid incorrectly handled processing HTTP conditional requests. A remote attacker could possibly use this issue to obtain sensitive information related to other clients' browsing sessions. CVE-2016-10002 Felix Hassert discovered that Squid incorrectly handled...

CVE-2016-10002

Removed by vendor...

CVE-2016-10002

CVE-2016-10002 impacts Squid HTTP Proxy. The issue arises from incorrect handling of If-None-Modified responses, where connection-specific cookie data could be leaked across clients due to not removing headers when serving cached responses. Affected Squid lines include 3.1.10–3.1.23, 3.2.0.3–3.5....

CVE-2016-10002

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to prob...

SUSE SLES12 Security Update : squid (SUSE-SU-2017:0116-1)

This update for squid fixes the following issues : - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached bsc1016168 - CVE-2014-9749: Prevent nonce replay in Dige...

DLA-763-1 squid3 - security update

Bulletin has no description...